[Fedora-directory-users] netscapeRoot and Config propagation
Rich Megginson
rmeggins at redhat.com
Thu Mar 6 21:39:21 UTC 2008
Ken Marsh wrote:
>
> Thanks everyone for answering on the Groups question. I was so focused
> People ou in the GUI I didn’t see the Group ou a few menu lines up. J
> I went into it and rediscovered that I knew how to create posixgroups
> two years ago. I created a new one succesfully and added users to it.
> On an LDAP-ified Linux host they can now newgrp to that group.
>
> Now I have two more complicated questions.
>
> 1. Group info does not multi-master replicate like user info does.
>
> Specifically, I would like to manage posixgroups from any MultiMaster
> server. My new posix group is stuck on just the server I created it on.
>
By default replication should replicate everything - it does not care
what type of data it is.
>
> 2. Config data does not multi-master replicate like user info does.
>
> It would be nice to administer any server from any server.
>
The console/admin server don't really work that way. You should use
o=NetscapeRoot replication for failover, not general load balancing. See
http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Replication-Replicating-ADS-for-Failover.html
>
> At the moment the only way I know how to do this is on installation. I
> don’t want to reinstall any DS at this point, though. My understanding
> is that mmr.pl sets up replication for only userRoot, not NetscapeRoot.
>
> I went through the Admin GUI and under the Configuration tab,
> Replication->NetscapeRoot I checked “Enable Replica”, checked
> MultiMaster and set up the Current Supplier DN’s to
> cn=repman,cn=config just like userRoot.
>
> Now it has a replica entry under Directory Tab->config->mapping tree
> just like dc=company,dc=com . However the attributes under
> o=NetscapeRoot do not have the nsslapd-backend and nsslapd-referral
> attributes. I’m guessing I need something like mmr.pl except for
> NetscapeRoot to fill in the blanks.
>
> Is there a howto for this, or any tips?
>
> Once again, thanks to the Fedora DS development team for a great
> product. Despite my noobish questions, it has saved me countless
> manhours and been very reliable.
>
> Ken Marsh
>
> ANS System Administration Lead
>
> (410) 876-9200
>
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20080306/b9aea9bd/attachment.bin>
More information about the 389-users
mailing list